blob: e0efa92590a6046472915a2595b527a403923079 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
# TODO(b/36657258): Remove data_between_core_and_vendor_violators once
# hostapd no longer directly accesses /data outside /data/vendor.
typeattribute hostapd data_between_core_and_vendor_violators;
# hostapd can read and write WiFi related data and configuration.
allow hostapd wifi_data_file:file rw_file_perms;
r_dir_file(hostapd, wifi_data_file)
# hostapd wants to create the directory holding its control socket.
allow hostapd hostapd_socket:dir create_dir_perms;
# hostapd needs to create, bind to, read, and write its control socket.
allow hostapd hostapd_socket:sock_file create_file_perms;
# audit2allow
allow hostapd sysfs_net:dir search;
allow hostapd wifi_data_file:dir { add_name create setattr write remove_name };
allow hostapd wifi_data_file:sock_file { create setattr unlink write };
|
